Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1847

Overview

Vulnerability Score 4.9 4.9
CVE Id CVE-2011-1847
Last Modified 26 Jan 2012 10:59:54
Published 03 May 2011 04:55:12
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE

CVE-2011-1847

Summary

IBM DB2 9.5 before FP7 and 9.7 before FP4 on Linux, UNIX, and Windows does not properly enforce privilege requirements for table access, which allows remote authenticated users to modify SYSSTAT.TABLES statistics columns via an UPDATE statement. NOTE: some of these details are obtained from third party information.

Vulnerable Systems

Application

  • Ibm Db2 9.5

  • Ibm Db2 9.7


References

XF - ibm-db2-rds-sec-bypass(66979)

VUPEN - ADV-2011-1083

BID - 47525

AIXAPAR - IC72119

AIXAPAR - IC71413

CONFIRM - http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1IC72119

CONFIRM - http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1IC71413

SECUNIA - 44229


Last Updated: 27 May 2016 10:56:49